As an Information Security Officer you will be part of a team responsible for Information Security Risk assessments, IS Risk and Audit follow-up, Information Security standards and the implementation of IS controls.
Your responsibilities:
Information Security Management:
• You identify security protection objectives and metrics in line with the strategic CISO plan and priorities
• You actively support the ISMS (Information Security Management System) in line with international standards
• You are responsible for the active follow-up and completion of the various CISO dashboards and initiate the appropriate corrective measures
• You follow up the defined actions of internal and external IT audits within the IT organization and provide monthly feedback to IT management and Internal Audit at the customer
Governance, Policies & Awareness:
• You are responsible for communicating, complying with and checking PSPG (Policies, Standards, Procedures and Guidelines) on information security and data protection
• You involve the security liaisons at the customer in implementing policies and standards and resolving incidents
Coordination and management:
• You are responsible for the operational coordination and management of one or more projects and initiatives within the Information Security department (priorities, budgets, resource & project planning)
• You coordinate, within the Cyber- & Information Security Office, with other departments and you work closely with IT PMO to align with existing IT project processes
Reporting:
• You assist in the preparation of quarterly reports on the CISO domains to the executive committee
• You are also responsible for drawing up, preparing and following up status reports on these initiatives at senior management level and for reporting on security findings from the dashboards.
• You conduct objective risk assessments and you have a strong analytical and problem-solving ability
• You work independently and coordinate with and report to different parties in a timely manner. You can easily adapt your communication to the person you have in front of you
• You work in a structured manner and can work on multiple tasks in parallel
• You stay informed on the latest developments in CISO domains and proactively consider how these can be applied.
• You have a relevant bachelor's or master's degree
• You already have two years of experience with ISMS and risk assessments
• You have knowledge of the ISO2700x standard, of security architecture and controls, and of IT processes and technology
• Knowledge of CISSP, CISM or CISA is a plus
• Spoken and written fluency in English is essential
• Spoken and written fluency in Dutch or French
Offer
Within our open corporate culture, you contribute to the digital transformation of SNCB. You will have a job with social impact and ample opportunity to make your own contribution. In addition to a good work-life balance and a market-related salary, you have:
Any questions?
Contact our HR Business Partner
Julie Verstichel